Routing issue: SVI vs Firewall interface

Similar Messages

• Firewall reverse routing issue:

  Dear Friends,
  I am using ASA 5505 with base license and ISP connected directly on the firewall.While L# switch is connected through firewall also.
  my configuration is :
  ASA Version 7.2(4)
  hostname CiscoFirewall03316
  domain-name default.domain.invalid
  enable password Ko5SCsPM2YQ1wt2G encrypted
  passwd Ko5SCsPM2YQ1wt2G encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 10.192.32.11 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 112.23.24.25 255.255.255.248
  interface Vlan10
  no nameif
  security-level 90
  ip address 192.168.0.3 255.255.240.0
  <--- More --->
  interface Vlan50
  no nameif
  security-level 80
  ip address 10.195.32.15 255.255.255.0
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  switchport access vlan 10
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  switchport access vlan 50
  interface Ethernet0/6
  interface Ethernet0/7
  <--- More --->
  ftp mode passive
  clock timezone IST 5 30
  dns domain-lookup inside
  dns domain-lookup outside
  dns server-group DefaultDNS
  name-server 121.242.190.181
  name-server 121.242.190.210
  domain-name default.domain.invalid
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  access-list in_out extended permit ip any any
  access-list out_in extended permit ip any any
  access-list out_in extended permit ip any 112.23.24.25 255.255.255.248
  access-list cisco_splitTunnelAcl standard permit 0.0.0.0 255.255.255.0
  access-list cisco_splitTunnelAcl_1 standard permit any
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  ip local pool ciscouser 10.10.10.240-10.10.10.249 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any inside
  icmp permit any outside
  <--- More --->
  asdm image disk0:/asdm-523.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0
  access-group in_out in interface inside
  access-group out_in in interface outside
  route inside 192.168.0.0 255.255.240.0 192.168.0.2 1
  route outside 0.0.0.0 0.0.0.0 112.23.24.25 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  http server enable
  http 10.192.32.0 255.255.255.0 inside
  http 112.23.24.0 255.255.255.248 outside
  http 0.0.0.0 0.0.0.0 outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set TRANS_ESP_DES_SHA esp-des esp-sha-hmac
  crypto ipsec transform-set TRANS_ESP_DES_SHA mode transport
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  <--- More --->
  crypto dynamic-map outside_dyn_map 20 set pfs
  crypto dynamic-map outside_dyn_map 20 set transform-set ESP-DES-SHA
  crypto dynamic-map outside_dyn_map 40 set pfs
  crypto dynamic-map outside_dyn_map 40 set transform-set ESP-DES-SHA
  crypto dynamic-map outside_dyn_map 60 set pfs
  crypto dynamic-map outside_dyn_map 60 set transform-set ESP-DES-SHA
  crypto dynamic-map outside_dyn_map 80 set pfs
  crypto dynamic-map outside_dyn_map 80 set transform-set TRANS_ESP_DES_SHA
  crypto dynamic-map outside_dyn_map 100 set pfs
  crypto dynamic-map outside_dyn_map 100 set transform-set ESP-DES-SHA
  crypto dynamic-map outside_dyn_map 120 set pfs
  crypto dynamic-map outside_dyn_map 120 set transform-set ESP-DES-SHA
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption des
  hash sha
  group 2
  lifetime 86400
  client-update enable
  no vpn-addr-assign aaa
  no vpn-addr-assign dhcp
  <--- More --->
  telnet 10.192.32.0 255.255.255.0 inside
  telnet 0.0.0.0 0.0.0.0 outside
  telnet 112.23.24.0 255.255.255.0 outside
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  group-policy DefaultRAGroup internal
  group-policy DefaultRAGroup attributes
  dns-server none
  vpn-tunnel-protocol l2tp-ipsec
  group-policy cisco internal
  group-policy cisco attributes
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value cisco_splitTunnelAcl_1
  username test password tFqxsrS5ErBk4STW encrypted privilege 0
  username test attributes
  vpn-group-policy cisco
  username admin password V5OS2TRb/vQZ7oZ9 encrypted
  username ciscouser password 6aU35/UOvPoumpKWCFYSig== nt-encrypted privilege 0
  username ciscouser attributes
  vpn-group-policy DefaultRAGroup
  <--- More --->
  tunnel-group DefaultL2LGroup ipsec-attributes
  pre-shared-key *
  tunnel-group DefaultRAGroup general-attributes
  address-pool ciscouser
  default-group-policy DefaultRAGroup
  tunnel-group DefaultRAGroup ipsec-attributes
  pre-shared-key *
  tunnel-group DefaultRAGroup ppp-attributes
  no authentication chap
  authentication ms-chap-v2
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
  <--- More --->
    inspect rsh
    inspect rtsp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
  policy-map type inspect im Google
  parameters
  match protocol msn-im yahoo-im
    drop-connection log
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:a883391680fa205ee31f05881761958c
  : end
  Everything is running fine on vlan 1 but vlan 10 is not running from user end.there is no ping from inside of 192.168.0.2
  Please advise me.Thanks

  There are 2 conflicting configuration:
  interface Vlan10
  no nameif
  security-level 90
  ip address 192.168.0.3 255.255.240.0
  and "route inside 192.168.0.0 255.255.240.0 192.168.0.2 1"
  How do you want to connect VLAN 10? is it on its own interface on the firewall? if it is, then you would need to configure a name for it, via the nameif command, and remove the above route inside
  if it is going to be a routed subnet via the inside interface, then the above route needs to be modified as follows:
  route inside 192.168.0.0 255.255.240.0 10.192.32.x
  --> 10.192.32.x needs to be the next hop which is your L3 switch vlan 1 interface ip
  and you would also need to shutdown interface vlan 10 on the ASA and remove the IP Address.

• Routing issue between Cisco device and Virtual machine

  Hi Guys,
  We have two local subnets in a virtualized environment, subnet 1 has a VM operating as a firewall, we would like all traffic for subnet 2 to go via VM on subnet 1, this will police traffic on subnet 2 and then reroute.  
  The infrastructure involved comprises,
  Internet Edge Switch -> ASA -> Core Switch -> IBM Flex chassis
  The Internet edge switch is directly connected between the ISP routers and the Cisco ASA firewall pair (A/S). The ASA is then connected to the Core switch. Connected from the core switch is an IBM Flex chassis, via a port channel (all vlans allowed)
  The local subnets in question are as follows:
  Vlan 101 (10.1.1.0/24)
  Vlan 102 (10.2.1.0/24)
  The VM in question has two NIC cards having IP address of both subnets.
  NIC 1:  10.1.1.1
  NIC 2: 10.2.1.1
  We would like packets destined for 10.2.1.1 to land on 10.1.1.1 IP address. At the moment traffic for each vlan routes from the outside to their respective local subnets successfully, what we are having difficulty with is directing traffic for subnet 2 via subnet 1 VM firewall.
  At the moment we have tried adding a static route on the core switch but it didn’t work
  ip route 10.2.0.0 255.255.255.0 10.1.1.1
  I will appreciate if you could share your knowledge and guide me how to achieve this goal.
  Thanks in advance :-)

  Hi,
  I think for this to work you need a transit vlan between the VMs and the core switch. So, if you have 2 vlans on the VM (101 and 102) you use the VM switch to route between the vlans and in order to go outside the local vlans you would use the core switch.  In this scenario you would not have an SVI (layer-3) interface on the core.  The only thing that core will have is the layer-2 vlans (101 and102).  You would than need a static route on the core switch to point to the transit vlan on the VM side.
  so, for example, if the transit vlan is vlan 110 and the ip is 192.168.1.0/24
  on the core you have static routes:
  ip route 10.1.1.0/24 192.168.1.2 (VM side)
  ip route 10.1.2.0/24 192.168.1.2 (VM side)
  You also need an SVI for vlan 110 with ip address 192.168.1.1/24 on the core.
  on the VM you need a default route to point to the core (192.168.1.1).
  Is this what you are trying to do?
  HTH

• Routing issue in Nexus 7009 due to vPC or hsrp

  we have two site's, on first site we have two nexus 7009 switches (Nexus A  & Nexus B)  and other site is remote site having two 6500 switches. (design attached)
  we are using hsrp on nexus switches and Active is Nexus A for all vlan’s 
  From one of my remote site user's (user's are in vlan 30 ) are not able to communicate with  nexus site vlan 20 specially if host in vlan 20 take forwarding path from nexus switch B,
  I can ping the vlan 20 both physical address's and gateway (vlan 20 configured in both nexus switch and using HSRP) from vlan 30 which configured on remote site 6500 switch
  ospf with area 0 is the  routing protocol running between both site.
  vlan 10 we are using as a management  vlan on both nexus switch  that building neighbore ship with WAN router, it's means wan router have two neighbors nexus A and nexus B, but nexus B building the neigbhorship via a Nexus A because from WAN router we have single link which is terminated on Nexus A,
  there is one layer 2 switch between nexus A and WAN router, nexus A site that switch port in vPC because we are planning to pull second link later to nexus B.
  All user's are connected with edge switch and edge switch have a redundant uplink to nexus A and B with vPC configured
  After troubleshooting we observe that if user in vlan 20 wants to communicate with vlan 30 (remote site), traffic is taking Nexus B is forwarding path, then gets drops.
  I run the tracert from pc its showing route till SVI on Nexus B  after that seems packets not finding route.  Even vlan 30 routes are available in the routing table of Nexus B. we don’t have any access-list and Firewall between this path.

  Hi,
  I suspect in your scenario that traffic is being dropped due to the characteristics of vPC, the routing table on Nexus-B may reflect the next-hop address for the destination IP, however if that next-hop address is the address of the Nexus-A off of VLAN 20 then it will be forwarded across the vPC peer-link, this breaks the convention.
  When you attach a Layer 3 device to a vPC domain, the peering of routing protocols using a VLAN also carried on the vPC peer-link is not supported. If routing protocol adjacencies are needed between vPC peer devices and a generic Layer 3 device, you must use physical routed interfaces for the interconnection.
  You can configure VLAN Interfaces for Layer 3 connectivity on the vPC peer devices to link to Layer 3 of the network for such applications as HSRP and PIM. However, Cisco recommend that you configure a separate Layer 3 link for routing from the vPC peer devices, rather than using a VLAN network interface for this purpose.
  Take a look at the following URL, this article helps to explain the characteristics of vPC and routing over the peer-link:
  http://bradhedlund.com/2010/12/16/routing-over-nexus-7000-vpc-peer-link-yes-and-no/
  Regards
  Allan.
  Hope you find this is helpful.
  Sent from Cisco Technical Support iPad App

• Routing Issue with 3550

  I am having a routing issue with a 3550 switch. I have 5 vlans and I need one of the vlans to access a different router based on destination IP rather than our edge router. I have entered a static route on the 3550 that points to the secondary router whenever a certain network is tried to be accessed. My problem is I can't seem to get the traffic to flow correctly. When I trace route an address on the Internet the path shows as expected, the 3550 then my firewall then my edge router. When I trace an address that is on the other side of the secondary router I get the 3550 as the first hop, then nothing. I can ping the address so I know the path is up. What could be the issue? Thanks in advance.

  Hello,
  in addition to Mahmood´s post, what do you have defined as the next hop for the default route to the secondary router ? If you use an interface on the 3550 as the next hop, make sure that whatever is connected is in the same subnet, otherwise use the IP address of the next hop. So, let´s say your remote network is 192.168.1.0, and the secondary router is connected to FastEthernet0/1, your default route should look like this if the secondary router is in the same subnet (in this example, the IP address of the secondary router would be 172.16.1.2):
  interface FastEthernet0/1
  no switchport
  ip address 172.16.1.1 255.255.255.252
  ip route 192.168.1.0 0.0.0.255 FastEthernet0/0
  Otherwise, try:
  ip route 192.168.1.0 0.0.0.255 172.16.1.2
  where 172.16.1.2 would be the address of the secondary router.
  Does that make sense ?
  Regards,
  GNT

• Multicast routing issues when a subinterface is configured

  Strange issue here. Cisco and the vendor are unable to help so far...
  Most of our layer 3 lives on core switches. However, we have  a couple sites off our WAN connected via  Cisco routers. In these offices, we can not get paging to work.
  I  setup a lab and have finally determined what is at least causing the  issue. My lab "branch" has  the same problems, but I can resolve the  problem by removing the sub-interface off the router.
  On my LAN side  of the router, with this  config, everything works fine.
  #--- THIS WORKS ---#
  R1#
  ip pim rp-address 192.168.251.254
  gig 0/0 (connects to SW1 g0/1)
   ip address 10.254.253.254 255.255.255.0
   ip pim sparse-dense mode
  SW1#
   gig 0/1 (connects to R1 g0/0)
   !no config - default VLAN1
  When I apply this config...everything breaks. The phone goes off
  #--- THIS DOES NOT WORK ---#
  R1#
  ip pim rp-address 192.168.251.254
  gig 0/0 (connects to SW1 g0/1)
   no ip
  gig 0/0.777 (connects to SW1 g0/1)
   ip address 10.254.253.254 255.255.255.0
   ip pim sparse-dense mode
  SW1#
   gig 0/1 (connects to R1 g0/0)
   sw mode trunk
   sw trunk  encap dot1q
  int vlan 777
   ip address 10.254.253.1 255.255.255.0
   ip pim sparse-dense mode
  int vlan 778
   ip address 10.254.251.1 255.255.255.0
   ip pim sparse-dense mode
   gig 0/17 (phone port)
   switch access vlan 778 (keeping it simple for now)
  I have tried this on 2 different model routers, each with different IOS versions.  The same issues follow each router. What is it about the  sub interfaces?
  Any insight? Calling all multicast experts! Thanks!

  Hi,
  creating sub-interface should not create any difference here. Only difference i can see earlier switch was working in l2 mode now it is participating in multicast routing as SVI is configured and pim neighborship established. Have you configured RP address on SW1. Please share below outputs from both devices
  - running config
  - show ip mroute <group>
  - show ip pim rp address mapping
  Regards,
  Akash

• Routing Issue with 2 Nics on Windows Server 2008 R2

  Good Day
  My issue is I needed to set up port forwarding for a web server to communicate with our hotels management server to check availability.
  Initially the server has a single Nic configured in the 172.26.1.0 /24 network  , Its default gateway the Switch vlan interface 172.26.1.1
  We have many vlans for all the systems in the hotel and the server also needs to communicate with 3 other servers on different subnets which it does just fine.
  I now added an additional adsl line with a managed router which has an interface of 192.168.10.1 /24 , My servers second NIC has the IP address 192.168.10.2 with its gateway being the 192.168.10.1
  This 192.168.10.0 network is in a L2 Vlan and the rest of the network does not know it exists. It was working fine then just stopped asfter i added a static route to the server , which i did with RRas... I did this as the server could not communicate with
  just one of the servers..
  If i disable the 172.26.1.0 NIC the port forwarding works but then obviously the rest of the network goes down.. I know its a routing issue but am lost
  please help

  Hello,
  using multiple default gateways is not a good idea.
  See details in http://support.microsoft.com/kb/159168/en-us
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://blogs.msmvps.com/MWeber
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
  Twitter:  

• No airtunes with pppoE due to routing issues?

  I just switched to an optical fiber to the home internet connection (which is getting pretty popular here in Japan). Needless to say, the network is very fast, however, I can no longer use airtunes via my airport express network. The airport express stations (both of them) no longer show up in iTunes. My guess is that this is due to a routing issue and the same problem must have been encountered by others before and hopefully solved. The new internet connection uses pppoE to make a connection to the internet service provider. This gives me an internet address of the form 125.197.xx.yy. I still have my airport express set to get an address via dhcp (which the new optical fiber hub provides) and is of the typical private network form 192.168.1.4. When I am connected by pppoE to the internet, my iTunes cannot see my airport express due to routing issues I assume. Is there an elegant solution to this -- can I use my airtunes and the internet at the same time? Would modifying the internet routing help here (I have used this before when I have had multiple interfaces going (e.g. one in a secure local lan and the other supporting an internet connection via ssh to the outside world). Any advise would be much appreciated. I haven't tried asking my airport express to log in via pppoE -- is this the only solution?

  Well as I have for my last several posts -- I solved the problem myself. I am pretty sure that the root cause was a routing problem (pretty obvious in fact). By have the airport express base station connect via pppoE itself (I have a remote relay airport express as well) and switching to NAT and DHCP distribution of addresses via the airport express, I can both see my airtunes as well as my ethernet connection. It is a non-ideal solution as I have a fixed IP which would have been convenient to log in from outside to, but I guess I can live with that.

• VLAN Select with firewall interfaces

  We are looking to implement vlan select on a wireless network. This network needs to be terminated behind the firewall. We were looking at putting the layer 3 interfaces on the core, then using a route-map to change the next hop to the common firewall interface. Is there a better way to configure such a setup?

  Yup,
  There should be no problem with such configuration. I suspect something is misconfigured on switches. Are you sure both ports are trunks and both are configured as single etherchannel in lacp mode on switches?
  Because VLANs are configured over bonds - I'd rather suspect LACP misconfiguration not VLANs here. AFAIK you should be having problems without using VLANs too.
  Here is my config which just works and there are couple vlans configured over bond0:
  Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
  Bonding Mode: IEEE 802.3ad Dynamic link aggregation
  Transmit Hash Policy: layer2 (0)
  MII Status: up
  MII Polling Interval (ms): 250
  Up Delay (ms): 500
  Down Delay (ms): 500
  802.3ad info
  LACP rate: slow
  Min links: 0
  Aggregator selection policy (ad_select): stable
  Active Aggregator Info:
          Aggregator ID: 1
          Number of ports: 4
          Actor Key: 17
          Partner Key: 40
          Partner Mac Address: 02:00:00:00:00:0c
  Slave Interface: eth0
  MII Status: up
  Speed: 1000 Mbps
  Duplex: full
  Link Failure Count: 0
  Permanent HW addr: 5c:f3:fc:da:bb:14
  Aggregator ID: 1
  Slave queue ID: 0
  Slave Interface: eth1
  MII Status: up
  Speed: 1000 Mbps
  Duplex: full
  Link Failure Count: 0
  Permanent HW addr: 5c:f3:fc:da:bb:16
  Aggregator ID: 1
  Slave queue ID: 0
  Slave Interface: eth2
  MII Status: up
  Speed: 1000 Mbps
  Duplex: full
  Link Failure Count: 0
  Permanent HW addr: 00:10:18:a5:bb:80
  Aggregator ID: 1
  Slave queue ID: 0
  Slave Interface: eth3
  MII Status: up
  Speed: 1000 Mbps
  Duplex: full
  Link Failure Count: 0
  Permanent HW addr: 00:10:18:a5:bb:82
  Aggregator ID: 1
  Slave queue ID: 0
  Oracle VM documentation states only that mode=6 of bonding is not supported with VLANs, but mode=4 is frequently used with Oracle VM.
  Regards,
  Michal

• Possible internet routing issues driving me crazy!

  I've somehow hit a problem accessing a particular favourite website and it seems I may have a routing issue.
  I've spoken with a friend who is fairly network savvy and he's suggested I raise a case \ complaint with BT. I thought I'd use this forum to test if I'm missing something I could be doing to fix it before logging a problem with BT Helpdesk!
  I've a BT Homehub 2 (Current firmware    4.7.5.1.83.3.5 (Type B) and I can access pretty much all websites I care to look at without any issue at all, however the site I read most days is now no longer viewable on any of my 2 PC's nor my iPhone. When I try to access it I  get no error messages at all just a blank white page.
  Doesn't matter if I try using IE or Firefox or Chrome browers it's the same result - I just see a blank white page.
  The site in question www.celticquicknews.co.uk (or www.celticquicknews.com) and is definitely available, as I can access it when using a site such as http://www.free-internet-organization.tk/ on both my PC's and iphone so I know the web site is up and running and available for browsing but since Thursday lunchtime I've had no joy in being to access that particular site directly wihout resorting to using another middleman site to let me view it.
  I have tweeted the guy who hosts the www.celticquicknews.co.uk site and he's said his site is fine but has numerous similar queries around BTINTERNET folks having the same issue as I'm reporting.
  I run McAfee Internet Security and having disabled the various firewall \secure browsing functions no improvement still no joy.
  I did successfully somehow connect directy to the illusive web site this morning (Sunday 1st May) on my iphone at around 10am, but by the time I boiled the kettle to have a coffeee and sit and read the site it became inaccessable again on my iphone and both my PC's! So what's going on?
  www.celticquicknews.co.uk [217.174.253.143]
  www.celticquicknews.com [217.174.253.143]
  Homehub TCP\IP info is as below which I suspect is of value to the more techincal on the forum:
  Broadband network IP address    109.152.154.29
  Default gateway    217.32.142.102
  Primary DNS    194.72.0.114
  Secondary DNS    62.6.40.162
  ADSL line status
  Connection Information
  Line state    Connected
  Connection time    0 days, 01:11:16
  Downstream    15,978 Kbps
  Upstream    1,144 Kbps
  ADSL Settings
  VPI/VCI    0/38
  Type    PPPoA
  Modulation    G.992.5 Annex A
  Latency type    Interleaved
  Noise margin (Down/Up)    5.2 dB / 6.0 dB
  Line attenuation (Down/Up)    31.0 dB / 13.8 dB
  Output power (Down/Up)    23.6 dBm / 1.7 dBm
  C:\>tracert -d 217.174.253.143
  Tracing route to 217.174.253.143 over a maximum of 30 hops
    1    <1 ms    <1 ms    <1 ms  192.168.1.254
    2    15 ms    15 ms    15 ms  217.32.142.102
    3    18 ms    17 ms    16 ms  217.32.142.142
    4    22 ms    22 ms    21 ms  213.120.163.26
    5    22 ms    20 ms    21 ms  217.32.27.30
    6    21 ms    21 ms    21 ms  217.32.27.178
    7    22 ms    21 ms    21 ms  109.159.250.78
    8    33 ms    35 ms    35 ms  109.159.250.13
    9    28 ms    28 ms    29 ms  62.172.102.1
   10    29 ms    28 ms    28 ms  195.66.224.98
   11    33 ms    34 ms    33 ms  88.208.255.61
   12    38 ms    32 ms    33 ms  88.208.255.102
   13     *        *        *     Request timed out.
   14     *        *        *     Request timed out.
   15     *        *        *     Request timed out.
   16     *        *        *     Request timed out.
   17     *        *        *     Request timed out.
   18     *        *        *     Request timed out.
   19     *        *        *     Request timed out.
   20     *        *        *     Request timed out.
   21     *        *        *     Request timed out.
   22     *        *        *     Request timed out.
   23     *        *        *     Request timed out.
   24     *        *        *     Request timed out.
   25     *        *        *     Request timed out.
   26     *        *        *     Request timed out.
   27     *        *        *     Request timed out.
   28     *        *        *     Request timed out.
   29     *        *        *     Request timed out.
   30     *        *        *     Request timed out.
  Trace complete.
  C:\>
  I've reset my HH several times over the weekend and am baffled as to how I can somehow have 1 site excluded from my browsing options for no obvious reason other than a suspected internet routing issue.
  My iPhone is on ORANGE and when disabling the wireless connection it too is unable to view the site in question so it's a real pain!
  Not sure where to go to progress this so any help \ guidance is very much appreciated.......
  Solved!
  Go to Solution.

  Appreciate the help....been out for most of the day and checked in to see if any additional posts.
  I tried pinging the site and it does seem to resolve OK and also tried accessing site via IP but same issue - blank white page.
  >ping www.celticquicknews.co.uk
  Pinging www.celticquicknews.co.uk [217.174.253.143] with 32 bytes of data:
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Then tried the telnet command "telnet 217.174.253.143 80" and I do not get any errors and as suggested the command prompt goes blank but no matter what I type I get no errors or response from server 217.174.253.143.
  My IP address has changed from this morning and sadly still same issue for me.
  Internet connection configuration
  Connection Information
  Connection time
  0 days, 10:05:37
  Data Transmitted/Received (MB)
  10.8 / 29.4
  Broadband username
  [email protected]
  Password
  Not configured
  TCP/IP settings
  Broadband network IP address
  86.147.168.198
  Default gateway
  217.32.142.102
  Primary DNS
  194.72.0.114
  Secondary DNS
  62.6.40.162
  The tracert comments make sense so that's helped me understand, thanks for checking that out.
  So what's the best option for me? Am I wasting BT and my own time logging a case?
  I'd not usually bother pursuing this for the sake of a single web site but I'm bemused how this has happened since last week?
  Thanks again for all help and guidance.
  PJ

• Routing issue- seeing same IPs for two hops

  Hello All,
  I'm seeing two same IPs in the traceroute output. Is that due to routing issue that nexhop is as the same device for the first time?
  Log:
  6  10.30.102.26  61.060 ms 10.30.100.142  61.266 ms 10.30.102.26  61.071 ms
  7  10.30.102.26  61.139 ms  61.211 ms 10.61.191.2  60.948 ms
  Can you  guys help me to fix the issue??
  Regards,
  Thiyagu

  Are you load balancing anywhere?
  6 10.30.102.26  61.060 ms
     10.30.100.142  61.266 ms
     10.30.102.26  61.071 ms
  7 10.30.102.26  61.139 ms  61.211 ms
     10.61.191.2  60.948 ms
  HTH,
  John
  *** Please rate all useful posts ***

• Routing Issue with Telia

  I think verizon has a routing issue with Telia.

  thought I would share this,   Telia has admited an issue on their network
  Twitter / Telia_service: @Ungvall routing problem? This ...
  https://twitter.com/Telia_service/status/179661595276881921
  Cached
  Similar
  Share
  View shared post
  BTW Apparently @Telia_service had routing problems on both the latest iOS and ... DNS problem and we are working with Akamai for a sollution to this problem

• How to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

  how to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

  Hi ,
   Have you got any additional public IP Address from your service provider , If yes on router you can have static route for those additional IP Address pointing to your ASA  outside interface . 
  Accordingly you can configure NAT 
  HTH
  Sandy . 

• Audio tracks playing different audio tracks - routing issue?

  I'm having trouble with some routing issues I believe. Here's the deal:
  Some audio tracks are playing different audio tracks, when that region is not even in it. For instance:
  Track #2 is Soloed. Output is Output 1-2. I hear the audio file that is in Track #1, which is NOT Soloed and I shouldn't even hear. I don't hear anything from Track #2. The only way I can hear Track #2 is by playing it from the audio bin, which obviously isn't going to work out right.
  If I drag the audio region of Track #2 to a brand new audio track, I still don't hear anything. Is it possible this audio file(s) got corrupted somehow?
  Please help!

  Chris Joye wrote:
  I'm having trouble with some routing issues I believe. Here's the deal:
  Some audio tracks are playing different audio tracks, when that region is not even in it. For instance:
  Track #2 is Soloed. Output is Output 1-2. I hear the audio file that is in Track #1, which is NOT Soloed and I shouldn't even hear. I don't hear anything from Track #2. The only way I can hear Track #2 is by playing it from the audio bin, which obviously isn't going to work out right.
  If I drag the audio region of Track #2 to a brand new audio track, I still don't hear anything. Is it possible this audio file(s) got corrupted somehow?
  Please help!
  Check the parameters, in the left side of the arrange page window.
  To me, it sounds as if you have a bunch of arrange tracks, which are all playing back through audio track #1.
  Cheers

• Routing of messages to different interfaces via HTTP using one single URL.

  Hi all,
  I'm working on an inbound scenario. Messages are coming to SAP via HTTP adapter and i'm using a unique URL of every interface. But what is required is one single URL for all interfaces without any dropbox in PI, i.e. all messages will be pushed to one URL and i have to route them to their respective interfaces, there is no storage involved in PI box.

  Shamit2903 wrote:
  Hi all,
  >
  > I'm working on an inbound scenario. Messages are coming to SAP via HTTP adapter and i'm using a unique URL of every interface. But what is required is one single URL for all interfaces without any dropbox in PI, i.e. all messages will be pushed to one URL and i have to route them to their respective interfaces, there is no storage involved in PI box.
  logically this is not a possibility.
  But in case you are looking at a generic interface then you will have to handle this using;
  1.  a generic Data type to accommodate all required structures
  2. use conditional routing in configuration to execute further transformations.
  I wouldnt recommend this though.